Initial settings
The first time that you start the FortiProxy-VM, you will only have access through the console window of your VMware vSphere environment. After you configure one FortiProxy network interface with an IP address and administrative access, you can access the FortiProxy-VM GUI.
Every FortiProxy-VM includes a 15-day trial license. During this time the VM operates in evaluation mode. Before using the VM, you must upload the license file that you downloaded from Customer Service & Support upon registration.
More information about configuring and operating FortiProxy-VM after a successful deployment is available in the Fortinet Document Library.
To configure GUI access on the port1 interface:
-
In your hypervisor manager, start the FortiProxy‑VM and access the console window. You might need to press Enter to see the login prompt.
-
At the login prompt, enter the username
admin
then pressEnter
. -
Enter an administrator password, and then confirm the password.
If you upgrade the vDisk size, the vDisk size and FortiProxy-VM log partition size likely do not match, and you will see
failed to determine size
errors when you attempt to log into the console.Press
Enter
repeatedly until you see the log in prompt, log in to the console, then enter:execute formatlogdisk
-
Configure the port1 IP address and netmask:
config system interface edit port1 set mode static set ip <IP address> <netmask> append allowaccess https next end
-
Configure the default gateway:
config router static edit 1 set device port1 set gateway <ip_address> next end
-
Optionally, configure the DNS servers:
config system dns set primary <Primary DNS server> set secondary <Secondary DNS server> end
The default DNS servers are 208.91.112.53 and 208.91.112.52.
To connect to the FortiProxy‑VM GUI:
-
Launch a web browser, and enter the IP address you configured for the port1 management interface. For example:
https://192.168.0.1
. -
At the login page, enter the username
admin
and the password that you configured.
To upload the license file:
-
Go to System > FortiGuard and click FortiProxy‑VM License.
-
Click Upload and find the license file (.lic) on your computer.
-
Click OK to upload the license.
-
Log in to the FortiProxy‑VM.
-
Confirm that the license has been successfully uploaded and validated by FortiGuard Distribution Network (FDN):
-
Go to Dashboard > Status. The VM registration status appears as valid in the Virtual Machine and Licenses widgets
-
Go to System > FortiGuard and click FortiProxy‑VM License. A message reports that the license was successfully authenticated.
-
If logging is enabled, the log message
"License status changed to VALID"
is recorded in the event log. -
If the update failed:
-
Check the following settings on the FortiProxy‑VM:
-
Time and time zone
-
DNS settings
-
Network interface statuses and IP addresses
-
Static routes
-
-
On the management computer, verify that FortiGuard domain names are resolving:
C:\>nslookup update.fortiguard.net Server: google-public-dns-a.google.com Address: 8.8.8.8 Name: fds1.fortinet.com Addresses: 2620:101:9005:1100::205 192.168.100.205 192.168.100.220 Aliases: update.fortiguard.net
-
On the FortiProxy, verify that communication with the internet and FortiGuard is possible:
# execute ping update.fortiguard.net PING fds1.fortinet.com (173.243.138.67): 56 data bytes 64 bytes from 173.243.138.67: icmp_seq=0 ttl=58 time=8.1 ms 64 bytes from 173.243.138.67: icmp_seq=1 ttl=58 time=3.2 ms 64 bytes from 173.243.138.67: icmp_seq=2 ttl=58 time=3.0 ms 64 bytes from 173.243.138.67: icmp_seq=3 ttl=58 time=3.8 ms 64 bytes from 173.243.138.67: icmp_seq=4 ttl=58 time=2.6 ms --- fds1.fortinet.com ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 2.6/4.1/8.1 ms
# execute traceroute update.fortiguard.net traceroute to update.fortiguard.net (173.243.138.67), 32 hops max, 3 probe packets per hop, 84 byte packets 1 192.168.0.7 10.584 ms 2.927 ms 5.073 ms 2 10.29.206.1 5.982 ms 8.006 ms 4.199 ms 3 154.11.11.113 3.584 ms 7.947 ms 8.679 ms 4 154.11.2.86 2.428 ms 2.337 ms 2.645 ms 5 * 66.163.69.46 <rd3bb-tge0-11-0-0.vc.shawcable.net> 1.586 ms 1.915 ms 6 * 64.141.25.113 <h64-141-25-113.bigpipeinc.com> 3.491 ms 2.571 ms 7 64.141.25.114 <h64-141-25-114.bigpipeinc.com> 1.563 ms 2.385 ms 1.966 ms 8 96.45.47.39 2.475 ms 2.106 ms 2.105 ms 9 173.243.138.252 2.452 ms 2.305 ms 1.877 ms 10 173.243.138.67 <update.fortiguard.net> 2.220 ms 1.620 ms 1.990 ms
-
Wait for the next automatic license query (about 30 minutes), or reboot the FortiProxy‑VM:
execute reboot
.
If FortiProxy is unable to validate the license after four hours a warning message it displayed in the local console.
-
-